Earlier this month the Coast Guard published
an updated version of “The
Guidelines for Cybersecurity Onboard Ships”. The 53-page .PDF document provides a
non-technical overview of cybersecurity concerns and activities that is not
technically an official Coast Guard document. While it addresses both IT and OT
cybersecurity issues it concentrates on the interaction of cybersecurity and
safety; coming up with an interesting new term that those in the OT cybersecurity
field are sure to find helpful: “cyber safety incidents”.
There is lots of useful information in this document for the
non-technical management of cybersecurity risks. One of the interesting aspects
of the way that the information is presented it that it includes numerous
examples of real-life incidents where a wide variety of cyber safety incidents
led to high-cost results. While the authors are careful to remove identifying
data from the incident descriptions, many of the incidents used were high-profile
news stories.
This is certainly a useful document, both for managers
responsible cyber risk management, but also for security professionals to
better help them communicate with those non-technical managers who control the
cybersecurity purse strings.
One minor point for the presentation designers of this
document; the page numbers are awfully hard to read.
Posts
No comments:
Post a Comment